Upcoming Lintian changes
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Aptdaemon |
New
|
Undecided
|
Unassigned |
Bug Description
There are some changes to Lintian that may affect apt-daemon[1]. These changes are currently planned to be released with 2.5.12.
=The "good"=
--profile will now accept the keyword "{VENDOR}" in its argument. Lintian will replace that keyword with the "most specific vendor" that has a profile matching the result. Example:
--profile '{VENDOR}
would try "ubuntu/aptdaemon" and then "debian/aptdaemon" on a Ubuntu system.
New command line option --ignore-
=The "bad"=
We are adding XDG support so you have to account for XDG_* variables messing up stuff as well. --ignore-
Lintian will start to load code from its "search directories"[3]. An incorrect fix to this could lead to privilege escalation assuming Lintian is running at higher permissions than the user requesting the action. You may want to use the new--no-user-dirs and then explicitly allow trusted directories via (the new) --include-dir option. The only downside here is that Lintian will not check these directories for lintianrc files.
~Niels
#701477: http://
[1] See https:/
[2] Note that XDG_{CONFIG,
[3] At the moment, these are (by default): ~/.lintian:
However, they will probably be changed to include/replaced by XDG_DATA_